#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

what is cloud computing | Breaking Cybersecurity News | The Hacker News

Hacker group RedHack faces up to 24 years in prison for terrorist crimes

Hacker group RedHack faces up to 24 years in prison for terrorist crimes
Oct 08, 2012
As part of an investigation launched by Başsavcıvekilliği in Ankara on March 20 arrested seven people, including college students. 13 of the indictment prepared by the prosecutor's office in Ankara Was adopted by the High Criminal Court.  Court has accepted an indictment against RedHack, a Turkish hacker group, seeking prison sentences of 8.5 to 24 years for its members as " members of a terrorist group ."  The suspects include three held under arrest  - Duygu Kerimoğlu, Alaattin Karagenç and Uğur Cihan Oktulmuş, under arrest for the past seven months. The suspects stand accused of membership in an armed terrorist organization, illegally obtaining confidential documents and personal information and accessing information systems without permission. Scope of the assessment: " Hierarchical and structured in order to be organized as a terrorist organization, titling, and posting bills realized by events, actions, photographs published on the internet, attacked and seized action

Hackers deface Philippines Department of Environment website

Hackers deface Philippines Department of Environment website
Oct 07, 2012
Hackers incensed by the Philippines' controversial cybercrime law have attacked government sites that deliver emergency information during natural disasters. The website of the Department of Environment and Natural Resources (DENR) was hacked on Saturday, despite calls from Malacañang for a ceasefire. Home page message, "Sorry Admin, Hacked!" and a symbol of a crescent moon and a star, both found on Flag of Turkey (take a look on the red Text). But the site, www.denr.gov.ph , was restored after a minutes. Last Monday,  Anonymous Hackers defaced 11 government  websites. President Benigno Aquino's spokeswoman Abigail Valte appealed for a stop to the attacks, on the websites and social media accounts of the weather service, the earthquake and tsunami monitoring service and the social welfare agency. Hackers announce their next target on their twitter accounts that they've been eyeing " Senator Vicente C. Sotto III " website's.

Hands-on Review: Myrror Security Code-Aware and Attack-Aware SCA

Hands-on Review: Myrror Security Code-Aware and Attack-Aware SCA
Feb 09, 2024Static Code Analysis
Introduction The modern software supply chain represents an ever-evolving threat landscape, with each package added to the manifest introducing new attack vectors. To meet industry requirements, organizations must maintain a fast-paced development process while staying up-to-date with the latest security patches. However, in practice, developers often face a large amount of security work without clear prioritization - and miss a significant portion of the attack surface altogether. The primary issue arises from the detection and prioritization methods used by traditional Static Code Analysis (SCA) tools for vulnerabilities. These methods lack the organizational-specific context needed to make an informed scoring decision: the score, even if critical, might not  actually  be critical for an organization because its infrastructure works in a unique way - affecting the actual impact the vulnerability might have.  In other words, since these tools depend on a relatively naive methodol

Swedish authorities raid on PRQ prompts new cyber attack from Anonymous

Swedish authorities raid on PRQ prompts new cyber attack from Anonymous
Oct 03, 2012
Computer hackers claiming to be from the Anonymous network took over the official website of Sweden's National Board of Health and Welfare. The attacks come just days after police on Monday raided a Stockholm-based webhosting company, PRQ, and a video was posted on YouTube - allegedly made on behalf of the hacker group Anonymous - warning Swedish authorities of repercussions. Hacktivist network Anonymous has warned that Sweden's Riksbank will suffer a cyber-attack on Wednesday night.  " It's come to our attention that Swedish government raided PRQ servers in order to shut down numerous file sharing and torrent websites ," " This has gone too far. This is unacceptable. Anonymous says this stops right now. You don't fuck with The Internet… Today we hit their wallets hard. "  wrote the Anonymous group on 4chan. The Riksbank is taking the threat seriously: " We recognize this as a public threat against websites and we are always trying to keep the web as safe as possible. We have

The Critical State of AI in the Cloud

cyber security
websiteWiz.ioArtificial Intelligence / Cloud Security
Wiz Research reveals the explosive growth of AI adoption and what 150,000+ cloud accounts revealed about the AI surge.

Internet freedom : Anonymous Brings Philippines Government Sites Offline

Internet freedom : Anonymous Brings Philippines Government Sites Offline
Oct 03, 2012
Hacker groups that are against the controversial Cybercrime Prevention Law for its effect on the country's freedom of expression defaced 11 more government websites since 11 p.m. Monday A message which said, " Hacked by M4N1L4 PR1D3, PHILIPPINE CYBER ARMY AND -=TheFamilyPride=- ," appeared on the homepage of PNP's Police Community Relations Group (PCRG). "Private X" and "Anonymous Philippines" hacked websites of the Department of Interior and Local Government, the One-Stop Information Shop for Technologies in the Philippines of the Department of Science and Technology, National Telecommunications Commission (NTC), Philippine Nuclear Institute, Intellectual Property Office of the Philippines, Tourism website of the City of San Fernando, Optical Media Board, Pilipinas Anti-Piracy Team, Department of Health's Smoke Free Philippines, Marina Industry Authority and the Maritime Training Council. The Twitter account of the Department of Social Welfare and Services was

Anonymous dump 2.5 GB data from email of priest accused for child abuse

Anonymous dump 2.5 GB data from email of priest accused for child abuse
Sep 13, 2012
In July 2012 Italy police have arrested a Catholic priest over allegations he abused a teen girl. Father Don Giacomo Ruggeri , 43, was immediately suspended from all priestly duties and police had raided his home and seized his computer. Anonymous Hackers today publish 2.5 GB of private mails from the Gmail of a priest recently protagonist of a story related to alleged child abuse on  official blog of Anonymous Italy. " The story of Don Ruggeri is yet another demonstration of how your institution has undermined the principles that should inspire. Fomented hatred and stigma toward anyone who shows a sexual orientation different from what you call "natural", in line with a model of patriarchal society and discriminating. The real unnaturalness is disgusting in your modus operandi. Your greed, your greed is posted ." Hacker upload a series of documents containing more than 2 gigabytes of messages received and sent e-mail account on DepositFiles. In a statement by A

The 10 Most Infamous Student Hackers of All Time

The 10 Most Infamous Student Hackers of All Time
Sep 10, 2012
Hacking has always been inherently a young person's game. The first usage of the word "hacker" was to describe pranksters meddling with the phones at MIT. Many hackers have cited boredom, a desire for change, or the thrill of going somewhere one is not supposed to go as their motivation for hacking, all of which could apply to scores of common activities on college campuses. While today's hacking scene is dominated by large hacking groups like Anonymous and Masters of Deception, many of the greatest hacks ever have been pulled off by college, high school, and even middle school kids who rose to infamy armed only with a computer and the willingness to cross the bounds of legality. 1.) Sven Jaschan: In the words of one tech expert , "His name will always be associated with some of the biggest viruses in the history of the Internet." The viruses: the Sasser and NetSky worms that infected millions of computers and have caused millions of dollars of damage since their release in 2004. The

BASTARDS!!

BASTARDS!!
Sep 08, 2012
Last month, those assholes in the California State Assembly passed a resolution urging state educational institutions to more aggressively crack down on criticism of the State of Israel on campuses, which the resolution defines as "anti-Semitism." The anti-democratic resolution is the latest step in the broader campaign to stifle and suppress dissent on California's increasingly volatile campuses. Get this, it passed without public discussion. The vote on the resolution came when most students were between semesters and away from their campuses. The resolution uses the classic trick employed by defenders of Israel's Zionist regime: lumping together any criticism of the Israeli state's policies or of the US government's support for them with racist attacks on Jews. The bulk of the resolution is dedicated to defining criticism of the state of Israel as "anti-Semitism."  It lists the following as examples of "anti-Semitism": • "language or behavior [that] demonizes and delegitimizes Is

CRIME : New SSL/TLS attack for Hijacking HTTPS Sessions

CRIME : New SSL/TLS attack for Hijacking HTTPS Sessions
Sep 08, 2012
Two security researchers claim to have developed a new attack that can decrypt session cookies from HTTPS (Hypertext Transfer Protocol Secure) connections. From the security researchers who created and demonstrated the BEAST (Browser Exploit Against SSL/TLS) tool for breaking SSL/TLS encryption comes another attack that exploits a flaw in a feature in all versions of TLS. The new attack has been given the name CRIME by the researchers.The CRIME attack is based on a weak spot in a special feature in TLS 1.0, but exactly which that feature is has not been revealed by the researchers. They will say that all versions of TLS/SSL including TLS 1.2, on which the BEAST attack did not work are vulnerable. Once they had the cookie, Rizzo and Duong could return to whatever site the user was visiting and log in using her credentials. HTTPS should prevent this type of session hijacking because it encrypts session cookies while in transit or when stored in the browser. But the new attack, devis

Oracle releases patches for Java vulnerability CVE-2012-4681

Oracle releases patches for Java vulnerability CVE-2012-4681
Aug 31, 2012
Oracle has released a new patch which kills off a vulnerability in Java 7 that was being exploited by malware developers. " Due to the high severity of these vulnerabilities, Oracle recommends that customers apply this Security Alert as soon as possible ," Eric Maurice, the company's director of software security assurance. The out-of-band Security Alert CVE-2012-4681 includes fixes for "three distinct but related vulnerabilities and one security-in-depth issue" affecting Java running within the browser. Users with vulnerable versions of Java installed can have malware silently planted on their systems just by browsing to a hacked or malicious website unknowingly.Java is a free programming language widely used to enable every day programs and website elements to function, including some games, apps and chat, as well as enterprise apps. The attacks using this vulnerability so far have been Windows-based, the exploit was demonstrated on other platforms supported by Java

Saudi Aramco Oil Producer's 30,000 workstations victim of Cyber Attack

Saudi Aramco Oil Producer's 30,000 workstations victim of Cyber Attack
Aug 27, 2012
Saudi Aramco, the world's biggest oil producer, has resumed operating its main internal computer networks after a virus infected about 30,000 of its workstations in mid-August. Immediately after the Aug. 15 attack, the company announced it had cut off its electronic systems from outside access to prevent further attacks. Saudi Aramco said the virus "originated from external sources" and that its investigation into the matter was ongoing. There was no mention of whether this was related to this month's Shamoon attacks. " The disruption was suspected to be the result of a virus that had infected personal workstations without affecting the primary components of the network, " Saudi Aramco said over Facebook . " We would like to emphasize and assure our stakeholders, customers and partners that our core businesses of oil and gas exploration, production and distribution from the wellhead to the distribution network were unaffected and are functioning as reliably as ever

Turkish hackers hack FC Spartak Moscow Soccer team

Turkish hackers hack FC Spartak Moscow Soccer team
Aug 24, 2012
Turkish hackers recently hacked the Web site of soccer team FC Spartak Moscow after the Russian team's fans burned Turkish flags and pictures of Atatürk during a Champions League playoff match against Turkish team Fenerbahce on August 21. A portrait of Atatürk next to a Turkish flag was also posted on the website. The group replaced the website's original content with a statement that called on the team to "immediately apologize." " You will immediately apologize to the Turkish Republic and the Turkish people. No crime goes without punishment, and FIFA may forgive you, but we won't ," The Spartak site was running again by Thursday afternoon after the club used its Twitter account to blame the incident on 'Turkish hackers. Spartak Moscow fans burned flags and posters of modern Turkey's founding father, Mustafa Kemal Atatürk, during their team's 2-1 victory over the Istanbul giants in the first leg of their Champions League playoff.

LulzSec Leader Sabu Gets 6-Month Sentencing Delay for helping Feds

LulzSec Leader Sabu Gets 6-Month Sentencing Delay for helping Feds
Aug 23, 2012
Today was the day that Hector Xavier Monsegur, a.k.a. Sabu, Xavier DeLeon, and Leon, was supposed to be sentenced for the 12 counts of computer hacking conspiracies and other crimes he pleaded guilty to, including the infamous hacks of HBGary Federal, HBGary, Sony, Fox, and PBS, but he has had his sentencing delayed, perhaps as a reward for assisting the US police with their enquiries and investigations. Monsegur allegedly rooted out the vulnerabilities used in the hacks conducted by LulzSec, which went on a high-profile tear in 2011 that exposed emails, documents, and other information of its victim organizations. Sabu is the hacker nom de plume of 28-year-old New Yorker Hector Monsegur, an unemployed father of two who allegedly commanded a loosely organized, international team of perhaps thousands of hackers from his nerve center in a public housing project on New York's Lower East Side. According to the FBI, he could face a maximum sentence of 124 years and six months for 12 offe

Philippine police arrest 357 foreigners for cyber fraud

Philippine police arrest 357 foreigners for cyber fraud
Aug 23, 2012
Police on Thursday rounded up 357 foreigners accused of duping Taiwanese and Chinese citizens in an online scam in what an official described as the largest single-day operation against organized crime in the country.  Director Samuel Pagdilao Jr., CIDG director, said CIDG and Paocc agents led by Senior Supt. Ranier Idio raided 20 houses in several subdivisions in Quezon, Manila, Marikina, Cainta and Antipolo cities at around 6:30 a.m. on Thursday and they rounded up the foreigners. The suspects were brought to the Police National Training Institute (PNTI) in Camp Vicente Lim in Laguna. They face charges for violating the Access Device Act. The syndicate's operations involve the use of the internet, wherein the group will call unsuspecting victims in China, claiming that they represent police, prosecutor's office, courts, insurance companies, banks, and other financial institutions. The syndicate raked in at least P20 million ($472,000) each day using the scam, Pagdilao said.

Airport VPN hacked using Citadel malware

Airport VPN hacked using Citadel malware
Aug 16, 2012
It sounds like an air traveler's nightmare, Researchers at Trusteer recently uncovered a variant of the Citadel Trojan targeting the virtual private network (VPN) credentials used by employees at a major airport.The firm would not disclose the name of the airport because the situation is being investigated by law enforcement. Many businesses use VPNs to provide outside workers with access to secure data. Incursions on these networks often involve advanced "Man in the Browser" malware such as the Citadel, Zeus, and SpyEye programs. The man-in-the-browser (MITB) assault first used form-grabbing malware, which steals data entered into web forms before it is passed over the internet, to steal the airport employees' VPN usernames and passwords, Amit Klein, Trusteer's chief technology officer, said in a blog post. "This was potentially very dangerous, but we don't know whether the attacker group was targeting the financial system of the airport for economic gain or if the attack wa

Mariposa botnet creator goes on trial

Mariposa botnet creator goes on trial
Aug 09, 2012
26-year-old Slovenian hacker known as Iserdo stands thought to have been behind the Mariposa botnet is on trial in Slovenia, charged with having masterminded an international cybercrime gang. At its height, the Mariposa botnet infected up to 12.7 million PCs, with more than half of the Fortune 1,000 companies believed to have been compromised, including 40 major banks. Once a computer had been compromised and brought into the botnet, operators could steal information from innocent users - including credit card details and banking passwords. Computer crime-fighting authorities had succeeded in bringing down the Mariposa botnet at the end of 2009, FBI officials worked with Spanish and Slovenian authorities to track down Mariposa's mastermind, Iserdo. He was said to charge between $500 for basic versions of the botnet code and up to $1,300 for more advanced ones, which included customised features, such as capabilities which allowed its operators to to steal credit cards and onlin

Open letter to the Australian people from Mother of Julian Assange

Open letter to the Australian people from Mother of Julian Assange
Jul 19, 2012
There have been numerous public statements made about WikiLeaks and its editor-in-chief Julian Assange that are factually inaccurate.Prime Minister Julia Gillard said about WikiLeaks, "It's illegal." Attorney General Nicola Roxon said my son "fled Sweden." The media repeatedly states, "Assange is charged or facing charges" in relation to Swedish sex allegations. If you want to know  The Truth About Julian Assange And Wikileaks , Please read our previous Story " One Man Fights for 7 Billion People, One Mother Battles to Wake Them Up " Letter is as below, To read complete Press Release ( Click Here) Dear Member of Parliament, We (Wikileaks Australian Citizens Alliance) are writing to you on behalf of Christine Assange, (Julian Assange's mother) who is currently in the UK, waiting for the UK Supreme Court Ruling on her son's appeal against extradition to Sweden. This ruling will be handed down later today (EST) and we, like Chris

Hacker wanted by FBI held in India For Carding Crimes

Hacker wanted by FBI held in India For Carding Crimes
Jul 14, 2012
Nikhil Kolbekar, aka HellsAngel, was arrested on July 11 in Mumbai, India. Eric Bogle, known as Swat Runs Train, and Justin Mills, or xTGxKAKAROT, were taken into custody in Canada, respectively Colorado, US.  HellsAngel and  Bogle is suspected of selling complete credit card details, including names, addresses, social security numbers, birth dates, and bank account information. He also sold remote desktop protocol (RDP) access data that could be utilized to breach computers in countries such as Turkey, India, Czech Republic, Brazil, Germany, France, Italy, Spain, Sweden, and others. The suspect, Nikhil Kolbekar, was produced before the Esplanade Court on Thursday and has been remanded in judicial custody. He will be produced before the Patiala House court in Delhi on July 25, with the US pressing for his extradition through the Interpol. Carding refers to various criminal activities associated with stealing personal identification information and financial information belonging to

Bulgarian Hackers Group arrested

Bulgarian Hackers Group arrested
Jul 06, 2012
Bulgarian Hackers Group arrested Bulgarian authorities say that after months of investigation they have busted the "most powerful hacker group" in the country, the Cyber Warrior Invasion. The operation was conducted by Bulgaria's Sector for Computer Crimes, Intellectual Property and Gambling and the territorial units of the Chief Directorate for Fight with Organized Crime in the municipalities of Pleven, Shumen, Plovdiv, Burgas, Haskovo, Stara Zagora and Kyustendil. Using cyber "terrorist" methods, the group had attacked more than 500 websites worldwide, including those of financial institutions, web-based companies, and governmental and non-governmental organizations. On the confiscated computers, police discovered databases with large amounts of stolen emails, social network profiles and associated passwords, as well as stolen credit card data. The site www.cwi-group.org was used by the members of the group to coordinate their activities. Constantly changing its location and usin

Zemra Botnet Leaked, Cyber Criminals performing DDoS Attacks

Zemra Botnet Leaked, Cyber Criminals performing DDoS Attacks
Jun 27, 2012
Zemra Botnet Leaked, Cyber Criminals performing DDoS Attacks The Zemra DDoS Bot is currently sold in various forums for about 100 € and detected by Symantec as Backdoor.Zemra . Zemra first appeared on underground forums in May 2012. This crimeware pack is similar to other crime packs, such as Zeus and SpyEye, in that is has a command-and-control panel hosted on a remote server. Zemra uses a simple panel with an overview of all statistics is needed.With the help of two graphs can be seen operating machinery and the region location.In addition, statistics on online and for more information. You have a chance to see everything online Socks5 and export them to the list.Traffic is encrypted and protected using the algorithm AES, each client communicates with a unique generated key. Note : In " Tools Yard " we have Posted Zemra Source Code , Only for Educational Purpose. A brief functional: • Intuitive control panel • DDos (HTTP / SYN Flood / UDP) • Loader (Load and ru

Operation Card Shop : FBI Arrested 24 Credit Card Cyber Criminals

Operation Card Shop : FBI Arrested 24 Credit Card Cyber Criminals
Jun 27, 2012
Operation Card Shop : FBI Arrested 24 Credit Card Cyber Criminals The FBI has arrested 24 cybercriminals part of an international law enforcement operation aiming to arrest and prosecute the users of a sting operation called "Carder Profit". The suspects, collared after a two-year investigation dubbed "Operation Card Shop," allegedly stole credit card and banking data and exchanged it with each other online. " We put a major dent in cybercrime ," she said. " This is an unprecedented operation. "In the sting, which they called Operation Card Shop, undercover investigators created an online bazaar to catch buyers and sellers of credit card data and other private financial information. They also aimed at people who clone and produce the physical credit cards that are then used to buy merchandise. Some CarderProfit users apparently learned of the involvement of the feds months ago. A Twitter user with the name @JoshTheGod wrote that "has informants and most likly to be belie
Cybersecurity Resources